Splunk Training
Splunk Certifications
Professional Services
Enterprise Training
Splunk Role-Based Learning Tracks
With such an extensive list of training available, some students don’t know where to start (or stop!). This is why we’ve put together Learning Paths designed to give students everything they need to become true subject matter experts in their desired field.
Splunk Learning Paths are based on Splunk products and persona. Learning Paths are not certification-focused, rather they focus on preparing employees for a particular job role. (For certifications, visit this page).
Do you have any questions about our Splunk training offerings? Simply let us know your requirements using our contact form or call us at +43 1 6000 880-0 and we will be happy to advise you!
Introductory Modules
Before starting any of the Role-Based Learning Tracks below, you should complete the following foundational e-learning modules:
- What is Splunk? (WIS) (free)
- Intro to Splunk (ITS) (free)
- Using Fields (Free) (SUFF) (free)
OR
- Using Fields (SUF) (includes hands-on labs)
Search Expert Role
The Search Expert learning path offers modules to teach you to write efficient searches, perform correlations, create visualizations, and leverage subsearches and lookups.
Knowledge Manager Role
The Knowledge Manager learning path modules teach you to create knowledge objects including lookups, data models, and different types of fields. In addition, you learn to build dashboards and add inputs for filtering.
Data Science Analyst Role
The Data Science Analyst learning path modules teach you to write efficient and optimized searches to extract analytics from your data. It covers machine learning, transaction analysis and prediction. It also includes the modules to help build and use the knowledge objects including data models and lookups.
Splunk Cloud Administrator Role
The Splunk Cloud Administrator learning path offers modules for admins to manage data inputs and configurations in Splunk Cloud.
Splunk Enterprise Administrator Role
The Splunk Enterprise Administrator learning path teaches you the concepts, tasks, and best practices to install, configure, and manage your deployment, and learn to onboard varying data.
Splunk Enterprise Architect Role
The Splunk Enterprise Architect learning path teaches you concepts and best practices for sizing, scaling, and deploying Splunk across your organization.
Splunk Enterprise Developer Role
The Splunk Enterprise Developer learning path teaches you how to harness the power of Splunk's Web Framework, create rich, interactive dashboards and forms, and package Splunk knowledge objects for distribution across your organization.
SOC Analyst (Enterprise Security) Role
The SOC Analyst learning path prepares security analysts to use Splunk Enterprise Security (ES) and Mission Control. Students will use ES to identify and track security incidents, analyze security risks, use predictive analytics, and threat discovery.
SOC Administrator (Enterprise Security) Cloud Role
The SOC Administrator learning path modules teach security admins to configure and manage Enterprise Security on Splunk Cloud.
SOC Administrator (Enterprise Security) On-Prem Role
The SOC Administrator learning path modules teach security admins to install, configure, and manage Enterprise Security on Splunk Enterprise.
SOAR Administrator (Phantom) Role
The SOAR Administrator learning path teaches you how to install and configure SOAR, and achieve orchestration and automation tasks through SOAR playbook development.
IT Analyst (IT Service Intelligence) Role
The IT Analyst learning path teaches analysts to use Splunk IT Service Intelligence features, such as Service Analyzer, Notable Events Review, Glass Tables, Deep Dives, KPI Alerts and more.
IT Administrator (IT Service Intelligence) Cloud Role
The IT Administrator learning path teaches admins to configure and manage Splunk for IT Service Intelligence (ITSI) on Splunk Cloud.
IT Administrator (IT Service Intelligence) On-Prem Role
The IT Administrator learning path teaches admins to install, configure, and manage Splunk for IT Service Intelligence (ITSI) on Splunk Enterprise.
Splunk Observability Role
The Observability learning path for Site Reliability Engineer (SRE), DevOps and Developer includes individual modules that teach the core skills on Infrastructure Monitoring, Application Performance Management, Log Observer, Synthetics, Real User Monitoring and On-Call.
All Splunk Training Modules
Short chunks of training material, bookable as individual modules.
- » Foundational Training
- » Search Expert
- » Knowledge Manager
- » Data Science Analyst
- » Splunk Cloud Administrator
- » Splunk Enterprise Administrator
- » Splunk Enterprise Architect
- » Splunk Enterprise Developer
- » SOC Analyst (Enterprise Security)
- » SOC Administrator (Enterprise Security) Cloud
- » SOC Administrator (Enterprise Security) On-Prem
- » SOAR Administrator (Phantom)
- » IT Analyst (IT Service Intelligence)
- » IT Administrator (IT Service Intelligence) Cloud
- » IT Administrator (IT Service Intelligence) On-Prem
- » Splunk Observability
- » Splunk Training
- » Splunk Learning Paths
Splunk Role-Based Learning Paths
Search Expert
- Scheduling Reports & Alerts (SRA)
- Visualizations (SVZ)
- Working with Time (WWT)
- Statistical Processing (SSP)
- Comparing Values (SCV)
- Result Modification (SRM)
- Leveraging Lookups and Subsearches (LLS)
- Correlation Analysis (SCLAS)
- Search Under the Hood (SUH)
- Multivalue Fields (SMV)
- Search Optimization (SSO)
Knowledge Manager
- Intro to Knowledge Objects (IKO)
- Creating Knowledge Objects (CKO)
- Creating Field Extractions (CFE)
- Enriching Data with Lookups (EDL)
- Data Models (SDM)
- Introduction to Dashboards (ITD)
- Introduction to Dashboards (Free e-Learning) (ITDF)
- Dynamic Dashboards (SDD)
- Using Choropleth (SUC)
- Search Optimization (SSO)
Data Science Analyst
- Scheduling Reports & Alerts (SRA)
- Visualizations (SVZ)
- Working with Time (WWT)
- Statistical Processing (SSP)
- Comparing Values (SCV)
- Result Modification (SRM)
- Leveraging Lookups and Subsearches (LLS)
- Correlation Analysis (SCLAS)
- Search Under the Hood (SUH)
- Multivalue Fields (SMV)
- Intro to Knowledge Objects (IKO)
- Creating Field Extractions (CFE)
- Enriching Data with Lookups (EDL)
- Data Models (SDM)
- Introduction to Dashboards (ITD)
- Introduction to Dashboards (Free e-Learning) (ITDF)
- Dynamic Dashboards (SDD)
- Using Choropleth (SUC)
- Search Optimization (SSO)
- Splunk for Analytics and Data Science (SADS)
Splunk Enterprise Administrator
- Creating Knowledge Objects (CKO)
- Creating Field Extractions (CFE)
- Enriching Data with Lookups (EDL)
- Data Models (SDM)
- Splunk Enterprise System Administration (SESA)
- Splunk Enterprise Data Administration (SEDA)
- Troubleshooting Splunk Enterprise (TSE)
- Splunk Cluster Administration (SCLA)
- Transitioning to Splunk Cloud (TSC)
- Implementing Splunk SmartStore (ISS)
- Working with Metrics in Splunk (WWMS)
- Implementing Splunk Data Stream Processor (DSP) (ISDSP)
Splunk Enterprise Architect
- Intro to Knowledge Objects (IKO)
- Creating Knowledge Objects (CKO)
- Creating Field Extractions (CFE)
- Enriching Data with Lookups (EDL)
- Data Models (SDM)
- Splunk Enterprise System Administration (SESA)
- Splunk Enterprise Data Administration (SEDA)
- Troubleshooting Splunk Enterprise (TSE)
- Splunk Cluster Administration (SCLA)
- Architecting Splunk Enterprise Deployments (ASED)
- Splunk Deployment Practical Lab (SDPL)
Splunk Enterprise Developer
- Visualizations (SVZ)
- Working with Time (WWT)
- Statistical Processing (SSP)
- Leveraging Lookups and Subsearches (LLS)
- Intro to Knowledge Objects (IKO)
- Creating Knowledge Objects (CKO)
- Creating Field Extractions (CFE)
- Introduction to Dashboards (ITD)
- Introduction to Dashboards (Free e-Learning) (ITDF)
- Dynamic Dashboards (SDD)
- Advanced Dashboards & Visualizations with Splunk (ADVS)
- Splunk Enterprise System Administration (SESA)
- Splunk Enterprise Data Administration (SEDA)
- Building Splunk Apps (BAWS)
- Developing with Splunk's REST API (DSRAPI)
SOC Analyst (Enterprise Security)
- Scheduling Reports & Alerts (SRA)
- Visualizations (SVZ)
- Leveraging Lookups and Subsearches (LLS)
- Search Under the Hood (SUH)
- Intro to Knowledge Objects (IKO)
- Enriching Data with Lookups (EDL)
- Data Models (SDM)
- Introduction to Dashboards (ITD)
- Introduction to Dashboards (Free e-Learning) (ITDF)
- Using Splunk Enterprise Security (USES)
- Using Splunk Mission Control (USMC)
SOC Administrator (Enterprise Security) Cloud
- Scheduling Reports & Alerts (SRA)
- Visualizations (SVZ)
- Leveraging Lookups and Subsearches (LLS)
- Search Under the Hood (SUH)
- Intro to Knowledge Objects (IKO)
- Creating Knowledge Objects (CKO)
- Creating Field Extractions (CFE)
- Enriching Data with Lookups (EDL)
- Data Models (SDM)
- Introduction to Dashboards (ITD)
- Introduction to Dashboards (Free e-Learning) (ITDF)
- Dynamic Dashboards (SDD)
- Splunk Cloud Administration (SCA)
- Administering Splunk Enterprise Security (ASES)
SOC Administrator (Enterprise Security) On-Prem
- Scheduling Reports & Alerts (SRA)
- Visualizations (SVZ)
- Leveraging Lookups and Subsearches (LLS)
- Search Under the Hood (SUH)
- Intro to Knowledge Objects (IKO)
- Creating Knowledge Objects (CKO)
- Creating Field Extractions (CFE)
- Enriching Data with Lookups (EDL)
- Data Models (SDM)
- Introduction to Dashboards (ITD)
- Introduction to Dashboards (Free e-Learning) (ITDF)
- Dynamic Dashboards (SDD)
- Splunk Enterprise System Administration (SESA)
- Splunk Enterprise Data Administration (SEDA)
- Administering Splunk Enterprise Security (ASES)
IT Analyst (IT Service Intelligence)
- Scheduling Reports & Alerts (SRA)
- Visualizations (SVZ)
- Leveraging Lookups and Subsearches (LLS)
- Search Under the Hood (SUH)
- Intro to Knowledge Objects (IKO)
- Enriching Data with Lookups (EDL)
- Introduction to Dashboards (ITD)
- Introduction to Dashboards (Free e-Learning) (ITDF)
- Using Splunk IT Service Intelligence (USISI)
IT Administrator (IT Service Intelligence) Cloud
- Scheduling Reports & Alerts (SRA)
- Visualizations (SVZ)
- Working with Time (WWT)
- Leveraging Lookups and Subsearches (LLS)
- Correlation Analysis (SCLAS)
- Search Under the Hood (SUH)
- Intro to Knowledge Objects (IKO)
- Creating Knowledge Objects (CKO)
- Creating Field Extractions (CFE)
- Enriching Data with Lookups (EDL)
- Data Models (SDM)
- Introduction to Dashboards (ITD)
- Introduction to Dashboards (Free e-Learning) (ITDF)
- Dynamic Dashboards (SDD)
- Search Optimization (SSO)
- Splunk Cloud Administration (SCA)
- Implementing IT Service Intelligence (ISI)
IT Administrator (IT Service Intelligence) On-Prem
- Scheduling Reports & Alerts (SRA)
- Visualizations (SVZ)
- Working with Time (WWT)
- Leveraging Lookups and Subsearches (LLS)
- Correlation Analysis (SCLAS)
- Search Under the Hood (SUH)
- Intro to Knowledge Objects (IKO)
- Creating Knowledge Objects (CKO)
- Creating Field Extractions (CFE)
- Enriching Data with Lookups (EDL)
- Data Models (SDM)
- Introduction to Dashboards (ITD)
- Introduction to Dashboards (Free e-Learning) (ITDF)
- Dynamic Dashboards (SDD)
- Search Optimization (SSO)
- Splunk Enterprise System Administration (SESA)
- Splunk Enterprise Data Administration (SEDA)
- Implementing IT Service Intelligence (ISI)
Splunk Observability
- Introduction to Splunk Observability (eLearning) (ISO)
- Introduction to Splunk IM (eLearning) (ISIM)
- Splunk Infrastructure Monitoring Fundamentals (SIMF)
- Visualizing and Alerting in Splunk Infrastructure Monitoring (VASIM)
- Automation Using the REST and SignalFlow APIs (AURSAPI)
- Using the Splunk IM Terraform Provider (USIMTP)
- Kubernetes Monitoring with Splunk IM (KMWS)
- Ingesting Application Metrics in Splunk IM (IAMSIM)
- Splunk Observability Cloud: Teams (SOCT)
- Splunk Observability Cloud: Enterprise Features (SOCEF)
- Using the Splunk Log Observer (USLO)
- Using Splunk Synthetic Monitoring (USSM)
- Using Splunk Application Performance Monitoring (USAPM)
- Splunk On-Call Administration (SOCA)
- Instrumenting Applications for Splunk APM (IASAPM)
- Using Splunk Real User Monitoring (RUM) (USRUM)
- Responding to Incidents in Splunk On-Call (IRSOC)
Splunk Training
- Administering Splunk Enterprise Security (ASES)
- Administering SOAR (ASOAR)
- Advanced Dashboards & Visualizations with Splunk (ADVS)
- Advanced SOAR Implementation (ASOARI)
- Architecting Splunk Enterprise Deployments (ASED)
- Automation Using the REST and SignalFlow APIs (AURSAPI)
- Building Splunk Apps (BAWS)
- Comparing Values (SCV)
- Correlation Analysis (SCLAS)
- Creating Field Extractions (CFE)
- Creating Knowledge Objects (CKO)
- Creating Maps (SCM)
- Data Models (SDM)
- Developing SOAR Playbooks (DSOARP)
- Developing with Splunk's REST API (DSRAPI)
- Dynamic Dashboards (SDD)
- Enriching Data with Lookups (EDL)
- Implementing IT Service Intelligence (ISI)
- Implementing Splunk Data Stream Processor (DSP) (ISDSP)
- Implementing Splunk SmartStore (ISS)
- Ingesting Application Metrics in Splunk IM (IAMSIM)
- Instrumenting Applications for Splunk APM (IASAPM)
- Introduction to Dashboards (ITD)
- Introduction to Dashboards (Free e-Learning) (ITDF)
- Intro to Knowledge Objects (IKO)
- Intro to Splunk (ITS)
- Introduction to Splunk IM (eLearning) (ISIM)
- Introduction to Splunk Observability (eLearning) (ISO)
- Kubernetes Monitoring with Splunk IM (KMWS)
- Leveraging Lookups and Subsearches (LLS)
- Multivalue Fields (SMV)
- Responding to Incidents in Splunk On-Call (IRSOC)
- Result Modification (SRM)
- Scheduling Reports & Alerts (SRA)
- Search Optimization (SSO)
- Search Under the Hood (SUH)
- Services Core Implementation (SCI)
- Splunk Cloud Administration (SCA)
- Splunk Cluster Administration (SCLA)
- Splunk Deployment Practical Lab (SDPL)
- Splunk Enterprise Data Administration (SEDA)
- Splunk Enterprise System Administration (SESA)
- Splunk Infrastructure Monitoring Fundamentals (SIMF)
- Splunk Observability Cloud: Enterprise Features (SOCEF)
- Splunk for Analytics and Data Science (SADS)
- Splunk Observability Cloud: Teams (SOCT)
- Splunk On-Call Administration (SOCA)
- Statistical Processing (SSP)
- Transitioning to Splunk Cloud (TSC)
- Troubleshooting Splunk Enterprise (TSE)
- Using Choropleth (SUC)
- Using Fields (SUF)
- Using Fields (Free) (SUFF)
- Using Splunk Application Performance Monitoring (USAPM)
- Using Splunk Enterprise Security (USES)
- Using the Splunk IM Terraform Provider (USIMTP)
- Using Splunk Infrastructure Monitoring (USIM)
- Using Splunk IT Service Intelligence (USISI)
- Using the Splunk Log Observer (USLO)
- Using Splunk Mission Control (USMC)
- Using Splunk Real User Monitoring (RUM) (USRUM)
- Using Splunk Synthetic Monitoring (USSM)
- Visualizations (SVZ)
- Visualizing and Alerting in Splunk Infrastructure Monitoring (VASIM)
- What is Splunk? (WIS)
- Working with Metrics in Splunk (WWMS)
- Working with Time (WWT)
Splunk Learning Paths
- Search Expert Learning Path (SE-RBLP)
- Knowledge Manager Learning Path (KM-RBLP)
- Data Science Analyst Learning Path (DSA-RBLP)
- Cloud Administrator Learning Path (CA-RBLP)
- Splunk Enterprise Administrator Learning Path (EADM-RBLP)
- Enterprise Developer Learning Path (ED-RBLP)
- SOC Analyst (Enterprise Security) Learning Path (SOCA-RBLP)
- SOC Administrator (Enterprise Security) Cloud Learning Path (SOCADMC-RBLP)
- SOC Administrator (Enterprise Security) On-Prem Learning Path (SOCADMO-RBLP)
- SOAR Administrator Learning Path (SOAR-RBLP)
- IT Analyst Learning Path (ITA-RBLP)
- IT Administrator (IT Service Intelligence) Cloud Learning Path (ITADMC-RBLP)
- IT Administrator (IT Service Intelligence) On-Prem Learning Path (ITADMO-RBLP)
- Splunk Observability (Developers) Learning Path (SO-DEV-RBLP)
- Splunk Observability (DevOps) Learning Path (SO-DEVOPS-RBLP)
- Splunk Observability (Site Reliability Engineer) Learning Path (SO-SRE-RBLP)
- Splunk Core Certified User Learning Path (SCCU-CBLP)
- Splunk Core Certified Power User Learning Path (SCCPU-CBLP)
- Splunk Core Certified Advanced Power User Learning Path (SPCCAPU-CBLP)
- Splunk Core Certified Advanced Power User: Fast Track (SPCCAPU-FT)
- Splunk Cloud Certified Admin (New): Fast Track (SCCA-FT)
- Splunk Cloud Certified Admin (On-Prem): Fast Track (SCCAOP-FT)
- Splunk Enterprise Certified Admin: Fast Track (SECA-FT)
- Splunk Enterprise Certified Architect Learning Path (SPECA-CBLP)
- Splunk SOAR Certified Automation Developer Learning Path (SOARAD-CBLP)
- Splunk Core Certified Developer Learning Path (SCD-CBLP)